(HXK5.VX25 

Attomev Docket No.: Pi 03 74 

\men<1ment» to the Claims, t no new amendments-) 
I {piexroiish amended) A method computing 

ietuvina at a BIOS m a swem a message from an authorized paih, uhetein the 
authoit/ed pam is selected Lorn <i gioup of authors/ed parties consisting of a manufacture! an 
ougmai equipment manufactmei, ami a iessot, 

authenticating that the message has been sent b\ the authorized pam using a digital 
signatute m the message and a public ke\ stoied m non-solatik stotage commumcameh 
coupled to the BIOS; 

\eiif\mg that the s\stem rs ( in intended recipient of the message 'uheiem \eni\mg 
Lompnses eompattng an identifiei m the message against a globaSK unique identifier (til IP) of 
the s\ stem the CtFID stored m the non-\olattle storage commiimeam eh eoupled to the BIOS 
and 

when the message has been successful authenticated and \enfied, 

eonttolhng a state of art optional fcatuie of a s\ skm resouice in the $>\stcm, using 

the BIOS according to the message wherein the message comprises ndotmati on to 

detettntne the optional featute, and whetein the message furtltet eontpnses a digital 

signature used for authenULatmg, and 

when the message fails the authenticating oi the \er thing then discatdwg the 

message. 

2. (canceled) 

3. (original) The method of claim 1 further comprising writing the message into a 
secure non-volatile location. 

4. (original) The method of claim 3 wherein the secure non-volatile location comprises 
a remote storage. 
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s (pre\iousl\ amended) fhe method of claim i further comprising splicing the 
content of the message mto an execution path of the RlOs\ wheiein the splicing comprises at 
least one of modifxmg the BIOS or erasmg ft pot uon of the BIOS, in response to the message 

<•> {previously amended i The method of claim ! further comprising loading and 
executing content of the message using the BIOS at run-tune, wherein the message ts received 
via a network transmission. 

7 <pie\iousl\ amended) The method ot d;nm i fuither composing updating a 
featme set of the s\ stem BIOS aeeotdmg to the message, whetetn the feaUue set compiles a 
status of features of the ss stem 

8. (previously amended) A system comprising: 

a system resource having controllable optional features; 

a noti-voiatiie memory that stores a BIOS, the BIOS being adapted to receive a secure 
message from an authorized party for controlling at least one of the optional features, wherein 
the secure message comprises information to determine the at least one of the optional features, 
wherein the authorized party is selected from a group of authorized parties consisting of a 
manufacturer, an original equipment manufacturer, and a lessor, and wherein the system is to 
boot without enabling the at least one optional feature when the secure message is not received 
from the authorized party; and 

verification component to compare an identifier in the message against a globally unique 
identifier tGUTD) of the system to verify an intended recipient of the message. 

9. (previously amended) The system of claim 8 further comprising a write-once non- 
volatile unit for storing a public key accessible by the BIOS. 

It) (previously amended) The system <>t claim 8 wherein the BIOS includes 
authentication citcuitrs for authenticating the secure message with a public lt\ 
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I I ( prc\ i ousl v amende J ) The sv stein ot claim H further compi i si ng a wt i te-onee 
nonvolatile mm lot stottng theGl ID accessible h\ the RIOS 

12. (canceled) 

13. (previously amended) The system of claim 8 further comprising a secure non- 
volatile location for storing at least one of the optional features to be enabled, the location being 
readable and writable by the BIOS. 

14. (previously amended) The system of claim 13 wherein the location comprises a 
remote storage. 

1 5. (previously amended) The system of claim 8 wherein the BIDS also includes a 
featutf set that is updated according to content of the secuie non-volatile storage, wherein the 
fcatuic set com pi ises a status of features of the s\ stem 

I o (pievioush amended) The s\ stem ot claim X whetein the loads and 
evecutes the content of the message at tun-tune, whet em the message is tecened via a network 
transmission. 

1 7 (ptt-\ ious!\ amended) \ computer ptogram pu>ducr residing on a computer 
icadable medium comprising instructions for causing a computer to 

tecene at a RIOS in a sWem, a message (torn at) authorised pam, wheictn the 
authou/ed part\ is selected from a snoup of authoit/ed patties consisting of a manufacturer, an 
original equipment mamifdettiiei and a iessut, 

authenticate that the message has been sent h\ the authorized pait\ using d digital 
signature tn the message and a public ke\ stored in a nonvolatile stoiage eommunicdttseh 
coupled to the BIOS: 

\ erif\ that the s\stem is an intended tecipient of the message, wheietn senfving 
comprises comparing an identdiei tn the message as/atnst a globaih unique identifier (GITD} of 
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the system, the GU1D stored in the non- volatile storage communicatively coupled to the BIOS; 
and 

when the message has been successfully authenticated and verified, control a state of a 
feature of a system resource, using the BIOS, according to the message, wherein the message 
comprises information to determine the optional feature of the system, and 

when the message fails Uie authentication or the verifying, then discard the message. 

18. (canceled) 

1°. (previously amended) The computer program product of claim 17, further 
comprising instructions for causing a computer to write the message into a secure non-volatile 
location. 

20. (previously amended) The computer program product of claim 19 wherein the 
secure non- volatile location comprises a remote storage. 

21 (previously amended) The computer program product of claim 17 further 
comprising instructions for causing a computer to splice the content of the message into an 
execution path of the BIDS. 

22. (previously amended) The computer program product of claim 1 7 further 
comprising instructions for causing a computer to load and execute the content of the message at 
the BIOS at run-time, wherein the message is received via a network transmission. 

23. (previously amended) The computer program product of claim .17 further 
comprising instructions for causing a computer to update a. feature set of the system BIOS 
according to the message, wherein the feature set comprises a status of features of the system. 

2-1. (previously amended) A method comprising 

when a message from an authorized party is received at a BIOS of a system: 
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\ e-nt\ mt> an identifies m the message against a giobails unique idcntttlei (01 ID) 
or the svstem.. 

authenticating that the message has been sent b\ an authon/ed pdtt\ 
puhlK pmatekes pan the publK kes stored in nonvolatile storage coinmumcattseh 
coupled to <! BIOS oi the s\ stem and 

contjoilinii a state of an optional featuie of a ss stem tesouice, usnvo. the BK)S 
upon booting the astern, aecoidutg to the message wheiein the message composes 
mfoimarson to detetmmc the optional iUttuit and whet tin tht message furthet 
eumpt ibes a digital signature and 
uht_n a message ftom an authon/ed parts is not teeeoed at a BIOS 

booting the system Without enabling optional featutes of the sxstem 

25. (previously presented) The method of claim 24, further comprising splicing the 
content of the message into an execution path of die BIOS whet tin tht splicing comprises at 
least one of modifs my the BIO>< or eiasmg a pom on of i!k BlOiv in response to the nussa^t 

2t> (pteviousK presented* The method of claim 24, kuther cotnpitsins/ loading and 
executing content of the message using the BIOS at iun-Urae unci em the message is jeteued 
via a network transmission. 

27 ( pro loush amended) V s\ stem comprising 

a astern icsouree having eontiollable optional features, wheiem the ss stent icsouiee is 
selected fiom the gtoup of s\ stem tesouo.es consisting of slot age capacit\ pr«vcssot 
redundancy processor speed, metnois. input output demes, processors teduudaut powet 
supplies Penpheial Component Interconnect (PCI) bus and other elements of the s\ stem 
eoutnhutable to processing power, 

a nonvolatile memors that stores a BIOS, the BIOs, to iecei\e a seeuie message fiom an 
authorized part) foi controlling at least erne of the optional featuies, wheiem the secure message 
comprises information to dttcrmiut the at least out ot the optional featuies, information to 
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authenticate the authorized parn, arnl mfoimarion to ventS the s\stem is. authored to enable at 
least one optional featuie oj the system resoutce, and 

an authonticat.il to decrypt, authenticate and \etif\ the seeme message, the sonfjcauon 
u^ing a globalh unique identifier ((JL'tD) to unique!} identif\ the s\ stem and to discaid the 
secuie message ifiadute occuks during am one oi deuspnon authentication and verification 

28 (pse\ soush pseseuted) 1 he s\ stem of ciaim 27, whcicin the secure message is to 
be received by the BIOS during run-time of the system, 

2°. (previously presented) The system of claim 28, wherein the system is to be 
rebooted to enable the BIOS to control the at least one of the optional features according to the 
received secure message 

30 (pre\ iousJy presented ) The s\ stem of claim 2" \\ herei n the B K >S is to load and 
evecutc the content of the message at run-time, wherein the message is received \ ia one of a 
network transmission and electronic mail. 

1 1 (pjLOSi.uisls presented 1 I he s\ stem ot t hum 27 whet em the secure message 
eompnscs o editable code to be used as a P\namicaH\ E oaded Lihtais (D! E ) and uhetun the 
Dl i is to be stored m non-\ olatile storage coupled to the BIOS and wherein the Dl i is to be 
loaded by the BIOS at run-time. 

>2 (pie\ iousK amended) The s\ stem as teeited in claim K w hetetn the s\ stem 
computes a platfotm tn authenticate the secutc message b\ the BIOS without requiting a 
ptocessoi oi hatdwaie m addtnon to haiduare used m the swem to execute the BIOS in oidei 
to perform the authentication. 
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